Location : Ontario, CA
Summary
Reporting to the Network & Information Systems Manager, the IT Security Analyst will play a critical role in protecting the company’s digital assets from threats and unauthorized access across multiple platforms on-prem and in the cloud. With a keen sense of urgency; analyzing logs, risks, vulnerabilities, and threats on a day-to-day basis safeguarding and tuning systems will ensure a proactive approach to sustain the company’s security posture.
Key Responsibilities
- Monitor, analyze, hunt, and respond to logs/events/anomalies from various sources including Firewalls, Active Directory, Azure, Spam Filters, Data Loss Prevention systems, network traffic, XDR/SEIM events and more
- Create, modify, and tune the SIEM rules to adjust the specifications of alerts, incidents, and anomalies
- Immediate response to security incidents, threats, and vulnerabilities
- Produce reports on security activities, incidents, remediations, and recommendations for management advising on best practices for security, compliance, and risk management measuring, “what we are doing today and what could we do better.”
- Stay up to date with the latest security threats, trends, and best practices, and apply this knowledge to enhance our security posture
- Collaborate with the IT leadership for continuous development on strategies for threat prevention, detection, and mitigation
- Orchestrate regular security assessments, vulnerability scans, and penetration testing to identify weaknesses and recommend improvements
- Audit and maintain security tools and systems are up to date and properly configured
- Provide support and tuning for email security, including Microsoft Exchange and spam filtering platforms
- Participate in the continuous development of incident response and disaster recovery plans
- Manage GRC (Governance, risk management, and compliance) goals and initiatives platform
- Manage end user security awareness training platform
Qualifications
- Bachelor’s degree in computer science, Information Security, related field or equivalent experience with certifications
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications preferred.
- 5+ years hands-on experience in SIEM tools implementing, operating, maintaining, and incident management in mission critical environments
- Proven experience in security monitoring, incident response, and threat detection
- Experience with XDR, firewall logs analysis, and Active Directory logs
- Well-rounded in-depth knowledge of operating systems, Active Directory, Group Policies, scripting, and cloud security features
- Strong understanding of email security and social engineering
- Proficiency in security tools and software
- Critical thinking and problem-solving skills with attention to detail
- Strong communication, documentation, and teamwork skills
- Ability to work independently and in a fast-paced environment
- Commitment to maintaining the highest ethical and professional standards
Desired Skills
- Ethical hacking
- Computer forensics
- Reverse engineering
- Understand threat analysis models like MITRE ATT&CK Framework
- Public cloud infrastructure (Azure, AWS)
